X
Back to blog

Cybersecurity Insights with Contrast CISO David Lindner | 04/25/25

By David Lindner, Chief Information Security Officer

April 25, 2025

Insight No. 1 — Fast code, slow security? Think ADR

Consider the scenario: Development teams are pushing code at unprecedented speeds, and vulnerabilities, whether human or AI-generated, are lingering far too long. What's the logical outcome? Increased exploitation in your production environment. The strategic imperative is clear: We must implement robust detection and response capabilities within production itself. Application Detection and Response (ADR) offers a vital solution to this escalating risk.

Insight No. 2 — Don't block AI. Build with it

AI's momentum is undeniable. Resist its adoption, and security leadership risks irrelevance. The strategic imperative is not to block, but to guide. Establish clear parameters and efficient approval processes to harness AI's power securely and propel the business forward.

Insight No. 3 —Slopsquatting: When AI turns malicious

What happens when the helpful AI you deployed becomes the source of a sophisticated attack? Slopsquatting demonstrates this reality, where manipulated AI outputs guide users to malicious destinations. Proactive monitoring of AI interactions and validation of their outputs are now critical security controls, not just theoretical concerns.
vulnerabilities exploit Exploitation Application Detection and Response AI adoption Secure AI AI guidance Slopsquatting Malicious AI
David Lindner, Chief Information Security Officer

David Lindner, Chief Information Security Officer

David is an experienced application security professional with over 20 years in cybersecurity. In addition to serving as the chief information security officer, David leads the Contrast Labs team that is focused on analyzing threat intelligence to help enterprise clients develop more proactive approaches to their application security programs. Throughout his career, David has worked within multiple disciplines in the security field—from application development, to network architecture design and support, to IT security and consulting, to security training, to application security. Over the past decade, David has specialized in all things related to mobile applications and securing them. He has worked with many clients across industry sectors, including financial, government, automobile, healthcare, and retail. David is an active participant in numerous bug bounty programs.

Previous

Wiz and Contrast Security join forces to deliver clear visibility into application vulnerabilities
Next

Research uncovers: EDR's blindness to application exploits, WAF's inability to cut through the noise
Enlarged Image